Bloomberg News 
(9/28, Robertson) reports, "Wireless medical devices are potentially vulnerable to being remotely controlled by hackers and should be tracked more closely," according to report (pdf) released Thursday by the Government Accountability Office. The investigation into "electronic medical-device safety was initiated after computer-security researchers found dangerous vulnerabilities in insulin pumps." Democratic Reps. Anna Eshoo (CA), Edward Markey (MA) and Donna Edwards (MD) had "asked last year for the GAO report, which called on the Food and Drug Administration to oversee better identification and investigation of security problems in electronic medical equipment such as insulin pumps, pacemakers and defibrillators."
(9/28, Robertson) reports, "Wireless medical devices are potentially vulnerable to being remotely controlled by hackers and should be tracked more closely," according to report (pdf) released Thursday by the Government Accountability Office. The investigation into "electronic medical-device safety was initiated after computer-security researchers found dangerous vulnerabilities in insulin pumps." Democratic Reps. Anna Eshoo (CA), Edward Markey (MA) and Donna Edwards (MD) had "asked last year for the GAO report, which called on the Food and Drug Administration to oversee better identification and investigation of security problems in electronic medical equipment such as insulin pumps, pacemakers and defibrillators."
The Hill (9/28, Viebeck) "Healthwatch" blog adds that the three Representatives issued a statement Thursday, calling for the FDA to "scrutinize implantable medical devices more carefully. ... 'The demonstrated security risks require a renewed emphasis by the FDA and manufacturers to identify, evaluate and plug the potentially rare but serious security holes that exist in these devices,'" they wrote. Reps. Eshoo, Edwards and Edward urged the FDA to "create a plan to ensure information security risks are considered during device approval" and pressed the agency to "consult related government standards on hacking and computer security for guidance." And although the GAO report noted that "no incidents of medical-device hacking are known to have occurred outside the laboratory," the three House Members "said the threat should not be overlooked."
(9/28, Viebeck) "Healthwatch" blog adds that the three Representatives issued a statement Thursday, calling for the FDA to "scrutinize implantable medical devices more carefully. ... 'The demonstrated security risks require a renewed emphasis by the FDA and manufacturers to identify, evaluate and plug the potentially rare but serious security holes that exist in these devices,'" they wrote. Reps. Eshoo, Edwards and Edward urged the FDA to "create a plan to ensure information security risks are considered during device approval" and pressed the agency to "consult related government standards on hacking and computer security for guidance." And although the GAO report noted that "no incidents of medical-device hacking are known to have occurred outside the laboratory," the three House Members "said the threat should not be overlooked."
The Minneapolis Star Tribune (9/28, Walsh) says that in its report, the GAO said the when the FDA considers "devices' vulnerability to threats," the agency typically focuses "more on unintentional threats, such as MRI machines or electromagnetic energy in the environment." But the GAO emphasized that Federal regulators should "consider information security risks resulting from intentional threats when reviewing manufacturers' submissions for new devices."
(9/28, Walsh) says that in its report, the GAO said the when the FDA considers "devices' vulnerability to threats," the agency typically focuses "more on unintentional threats, such as MRI machines or electromagnetic energy in the environment." But the GAO emphasized that Federal regulators should "consider information security risks resulting from intentional threats when reviewing manufacturers' submissions for new devices."
Modern Healthcare (9/28, Daly, Subscription Publication) adds that the GAO report also "criticized the FDA's post-market surveillance efforts, which include an adverse-event reporting system"; the authors pointed out that because "information security in active implantable medical devices is a relatively new issue, those reporting might not understand the relevance of information security risks." Meanwhile, FDA officials said they "plan to re-examine their evaluations of software used in medical devices and add an assessment of 'information security risks.'" FDA spokesperson Michelle Bolek said the FDA "concurs with GAO that the agency continuously develop and implement new strategies designed to assist the agency in its medical device premarket review and post-market surveillance efforts relative to information security."
(9/28, Daly, Subscription Publication) adds that the GAO report also "criticized the FDA's post-market surveillance efforts, which include an adverse-event reporting system"; the authors pointed out that because "information security in active implantable medical devices is a relatively new issue, those reporting might not understand the relevance of information security risks." Meanwhile, FDA officials said they "plan to re-examine their evaluations of software used in medical devices and add an assessment of 'information security risks.'" FDA spokesperson Michelle Bolek said the FDA "concurs with GAO that the agency continuously develop and implement new strategies designed to assist the agency in its medical device premarket review and post-market surveillance efforts relative to information security."
The National Journal (9/28, Smith, Subscription Publication) also covers the GAO report and the House Members' statements in its "Tech Daily Dose" blog.
(9/28, Smith, Subscription Publication) also covers the GAO report and the House Members' statements in its "Tech Daily Dose" blog.
No comments:
Post a Comment